S/N 09/892,667' 

Response to Office Action dated August 2 1 , 2006 
IN THE CLAIMS 

Please amend the claims as follows (all claims listed): 

1. (Currently Amended) A mobile system, comprising: 

a host chipset; 

a locator subsystem connected to the host chipset and arranged to determine a current 
location of the mobile system; and 

a main storage connected to the host chipset and arranged to store an operating system 
(OS) and contain an OS-Present application and/or a Pre-OS application configured to enforce 
system login security policies during user authentication, to access the locator subsystem and 
determine whether the mobile system may have been stolen or used inappropriately based on the 
current location of the mobile system and the system login security policies. 

2. (Original) The mobile system as claimed in claim 1, wherein said main storage comprises: 

a main memory arranged to store the operating system (OS), and the OS-Present 
application which is executed while the operating system (OS) is present; and 

a flash memory arranged to store the Pre-OS application which is executed during boot 
up before the operating system (OS) is loaded. 
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3. (Currently Amended) The mobile system as claimed in claim 2, further comprising: 

a protected storage configured to support the Pre-OS application and the OS-Present 
application and to store at least configuration data, the system login security policies, and 
authentication data, and oth e r information obtain e d from th e Pre OS application and th e OS 
Pr e sent application . 

4. (Original) The mobile system as claimed in claim 3, further comprising: 

a first interface arranged to provide the Pre-OS application access to the protected 
storage; and 

a second interface arranged to provide the OS-Present application access to the protected 
storage. 

5. (Original) The mobile system as claimed in claim 3, wherein said protected storage is a non- 
volatile readable and writeable memory device. 

6. (Previously Presented) The mobile system as claimed in claim 3, wherein said locator 
subsystem is a radio frequency (RF) based locator subsystem for determining the current location 
of the mobile system. 



3 



S/N 09/892,667' 

Response to Office Action dated August 21, 2006 

7. (Currently Amended) The mobile system as claimed in claim 6, wherein the OS-Present 
and/or the Pre-OS application are further configured to enforce security policies that include said 
s e curity policies for th e Pr e OS application and the OS Pres e nt application includ e a d e signat e d 
numb e r of failed log on att e mpts, an unauthorized change attempted on selected platform 
policies, an unauthorized use of monitored services, a designated time expiration based on a 
renewable certificate^,]] or a lack of communication to a policy server or to a security token, and 
an unauthorized deletion of the protected storage. 

8. (Previously Presented) The mobile system as claimed in claim 7, wherein said Pre-OS 
application is a system basic input/output start-up (BIOS) that is configured in accordance with 
Intel® Protected Access Architecture (IPAA), and that is executed during boot up before the 
operating system (OS) is loaded. 

9. (Original) The mobile system as claimed in claim 8, wherein said system BIOS is executed 
during boot up to check a Pre OS security policy record, collect location based information from 
the RF-based locator subsystem, determine if there is a violation of the security policies during 
user authentication and, if there is a violation of the security policies, make a decision that the 
mobile system may have been stolen or used inappropriately. 

10. (Original) The mobile system as claimed in claim 9, wherein said system BIOS is executed 
during boot up to further report the location of the mobile system to a proper authority, via an 
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Internet or a RF-based wireless network. 

11. (Original) The mobile system as claimed in claim 7, wherein said OS Present application is 
executed to obtain an OS security record, check location based information, determine if an 
action is required based on the security policies and, if an action is required, then report a 
violation to an OS readable location in the protected storage and/or an external event monitoring 
facility. 

12. (Previously Presented) The mobile system as claimed in claim 11, wherein said RF based 
locator subsystem is a Global Positioning System (GPS) receiver connected to the host chipset 
and arranged to contain an antenna complex for receiving the current location of the mobile 
system. 

13. (Previously Presented) The mobile system as claimed in claim 11, wherein said RF based 
locator subsystem is a RF transmitter that is part of a stolen device recovery system to provide 
location based information and is activated upon an occurrence of a trigger event to broadcast a 
silent, coded radio signal to the stolen device recovery system, via a radio tower, for enabling the 
police to track and recover the stolen device. 

14. (Previously Presented) The mobile system as claimed in claim 11, wherein said RF-based 
locator subsystem is a Bluetooth™ transceiver that is part of a Bluetooth™ based security 
system including a central security server and a network of Bluetooth (voice/data) Access Points 
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(BTAPs) installed in a designated area to provide security services for the mobile system, 
including asset control, remote monitoring and tracking of the mobile system, through the 
Internet or the RF-based wireless network. 

15. (Currently Amended) A mobile system comprising: 
a host chipset; 

a RF-based locator subsystem connected to the host chipset and arranged to determine a current 
location of the mobile system; 

a main memory connected to the host chipset and arranged to store an operating system (OS) and 
an OS-Present application executed while the operating system (OS) is present; and 

a flash memory connected to the host chipset and arranged to store a Pre-OS application 
executed during boot up before the operating system (OS) is loaded and configured to enforce 
system login security policies during user authentication, to access the RF-based locator 
subsystem and determine whether the mobile system may have been stolen or used 
inappropriately based on the curr e ntly current location of the mobile system and the system login 
security policies. 

16. (Currently Amended) The mobile system as claimed in claim 15, wherein said security 
policies include a designated number of failed log on attempts, an unauthorized change 
attempted on selected platform policies, an unauthorized use of monitored services, a designated 

6 



S/N 09/892,667 

Response to Office Action dated August 2 1 , 2006 

time expiration based on a renewable certificate^,]] or a lack of communication to a policy 
server or to a security token, and an unauthorized deletion of the protected storage. 

17. (Previously Presented) The mobile system as claimed in claim 16, wherein said Pre-OS 
application is a system basic input/output start up (BIOS) that is configured in accordance with 
Intel® Protected Access Architecture (IPAA), and that is executed during boot up before the 
operating system (OS) is loaded. 

18. (Original) The mobile system as claimed in claim 17, wherein said system BIOS is executed 
during boot up to check a Pre-OS security policy record, collect location based information from 
the RF-based locator subsystem, determine if there is a violation of the security policies during 
user authentication and, if there is a violation of the security policies, make a decision that the 
mobile system may have been stolen or used inappropriately. 

19. (Original) The mobile system as claimed in claim 18, wherein said system BIOS is executed 
during boot up to further report the current location of the mobile system to a proper authority, 
via an Internet or a RF-based wireless network. 

20. (Original) The mobile system as claimed in claim 15, wherein said OS-Present application is 
executed to obtain an OS security record, check location based information, determine if an 
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action is required based on the security policies and, if an action is required, then report a 
violation to an OS readable location in the protected storage and/or an external event monitoring 
facility. 

21. (Previously Presented) The mobile system as claimed in claim 15, wherein said RF-based 
locator subsystem is a Global Positioning System (GPS) receiver connected to the host chipset 
and arranged to contain an antenna complex for receiving the current location of the mobile 
system. 

22. (Previously Presented) The mobile system as claimed in claim 15, wherein said RF-based 
locator subsystem is a RF transmitter that is part of a stolen device recovery system to provide 
location based information and is activated upon an occurrence of a trigger event to broadcast a 
silent, coded radio signal to the stolen device recovery system, via a radio tower, for enabling the 
police to track and recover the stolen device. 

23. (Previously Presented) The mobile system as claimed in claim 15, wherein said RF-based 
locator subsystem is a Bluetooth™ transceiver that is part of a Bluetooth™ based security 
system including a central security server and a network of Bluetooth (voice/data) Access Points 
(BTAPs) installed in a designated area to provide security services for the mobile system, 
including asset control, remote monitoring and tracking of the mobile system, through the 
Internet or the RF-based wireless network. 
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24. (Currently Amended) A computer readable medium having stored thereon a set of system 
basic input/output start up "system BIOS" instructions which, when executed by a processor 
during start up, cause the processor to perform: 

initializing and testing a system platform of a mobile system; 

checking a Pre-OS security policy record for an approved trigger mechanism; 

collecting location based information for said mobile system from the approved trigger 
mechanism; 

determining if there is a violation of security policies during system login user 
authentication; and 

if there is a violation of the security policies, making a decision that the mobile system 
may have been stolen or used inappropriately; 

wherein said system BIOS instructions are configured in accordance with Intel® 
Protected Access Architecture (IP A A). 

25. (Original) The computer readable medium as claimed in claim 24, wherein said system 
BIOS instructions further cause the processor to report the location based information indicating 
the current location of the mobile system to a proper authority, via an Internet or a RF-based 
wireless network, when there is a violation of the security policies. 
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26. (Currently Amended) The computer readable medium as claimed in claim 24, wherein said 
security policies for the system BIOS instructions include a designated number of failed log on 
attempts, an unauthorized change attempted on selected platform policies, an unauthorized use of 
monitored services, a designated time expiration based on a renewable certificate^,]] or lack of 
communication to a policy server or to a security token, and an unauthorized deletion of a 
protected storage. 
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